Defining
rights and privileges
This section describes how to configure access management when not using Central Governance.
This section explains the actions you can perform to define user rights
and privileges in the Transfer CFT. It begins with this
page, which explains user profiles and privileges.
The book is comprised of the following topics:
The security administrator is
responsible for identifying all potential Transfer CFT users and their
various needs.
Creating
the inventory of objects and protection mechanisms
This stage consists of defining action and object domains by creating
associations between the basic actions and object types provided.
Defining domains
Initially, there is no relationship between the managed objects and
individual user names.
Defining action and object domains is not mandatory. The basic actions
and objects may be grouped together directly within categories.
The security administrator also defines the scope of the objects within
the action domain.
Defining users
Potential Transfer CFT users must be grouped together by means of user
profiles. The security administrator is responsible for:
- Naming each group,
either by basing the Transfer CFT groups on those already defined at operating
system level, or via a security utility external to Transfer CFT, or by
defining them explicitly
- Specifying how
users will be identified. This operation requires particular care in the
case of remote users